is this for a single ip? our upstream thats actually communicating said they dont support blackhole community, the other i assume wont either
is this stating you can trigger at cogent even though not peered with them directly? On Wed, Jun 22, 2016 at 9:51 AM, Justin Wilson <[email protected]> wrote: > BlackHole server > The Blackhole server allows customers under a DDOS attack to send all > traffic to the IP address under attack to null route. > To request configuration on the blackhole server: Log into eCogent and > click on BGP request. You will need the following information: > 1. Order Number. > 2. An IP address from your network with which we will peer. > 3. A password (all blackhole server sessions are password protected). > > All North American and Asia Pacific Customers will peer with: > IPv4: 66.28.8.2 and IPv6: 2001:550:0:1000::421c:802 > > All European Customers will peer with: IPv4: 130.117.20.2 and IPv6: > 2001:550:0:1000::8275:1402 > > Once your session to the blackhole server has been established, any > network you announce to it will be stopped at our borders. Please note that > Cogent does not warrant or guarantee that use of the blackhole server will > mitigate, or minimize any effects of a DDOS attack nor does Cogent > guarantee that a session to the blackhole server can be established on a > timely basis. You are limited to announcing 50 prefixes to our blackhole > server. If you anticipate needing to announce more, relay that request to > our Customer Support department along with the technical justification for > an increase in the number of prefixes to be announced. > > > Justin Wilson > [email protected] > > --- > http://www.mtin.net Owner/CEO > xISP Solutions- Consulting – Data Centers - Bandwidth > > http://www.midwest-ix.com COO/Chairman > Internet Exchange - Peering - Distributed Fabric > > On Jun 22, 2016, at 10:37 AM, Kurt Fankhauser <[email protected]> > wrote: > > Really? Mikrotik can automatically trigger a blackhole IP with Cogent? I > have had to call Cogent to get IP's blacklisted previously. > > On Wed, Jun 22, 2016 at 10:15 AM, Justin Wilson <[email protected]> wrote: > >> San example with Cogent: >> >> >> >> add in-filter=cogent-blackhole-in multihop=yes name=Cogent-BlackHole >> out-filter=cogent-blackhole-out remote-address=130.117.20.1 remote-as=174 >> tcp-md5-key=<my-md5-key> ttl=default >> update-source=<interface-facing-cogent-or-ip-that-was-sent-to-Cogent> >> >> >> >> >> >> Justin Wilson >> [email protected] >> >> --- >> http://www.mtin.net Owner/CEO >> xISP Solutions- Consulting – Data Centers - Bandwidth >> >> http://www.midwest-ix.com COO/Chairman >> Internet Exchange - Peering - Distributed Fabric >> >> On Jun 20, 2016, at 7:35 PM, Matt <[email protected]> wrote: >> >> Has anyone used BGP and Remote-Triggered BlackHole with Mikrotik to >> help deal with DOS attacks? Any examples of getting it too work with >> Mikrotik? >> >> >> > > -- If you only see yourself as part of the team but you don't see your team as part of yourself you have already failed as part of the team.
